package com.predic8.membrane.core.interceptor.oauth2.flows;

import com.predic8.membrane.core.exchange.Exchange;
import com.predic8.membrane.core.http.Response;
import com.predic8.membrane.core.interceptor.Outcome;
import com.predic8.membrane.core.interceptor.authentication.session.SessionManager;
import com.predic8.membrane.core.interceptor.oauth2.OAuth2AuthorizationServerInterceptor;
import com.predic8.membrane.core.interceptor.oauth2.ParamNames;
import com.predic8.membrane.core.util.URLUtil;
import java.math.BigInteger;
import java.security.SecureRandom;

/* loaded from: input_file:lib/service-proxy-core-4.5.0.jar:com/predic8/membrane/core/interceptor/oauth2/flows/CodeFlow.class */
public class CodeFlow extends OAuth2Flow {
    public CodeFlow(OAuth2AuthorizationServerInterceptor oAuth2AuthorizationServerInterceptor, Exchange exchange, SessionManager.Session session) {
        super(oAuth2AuthorizationServerInterceptor, exchange, session);
    }

    @Override // com.predic8.membrane.core.interceptor.oauth2.flows.OAuth2Flow
    public Outcome getResponse() throws Exception {
        String generateAuthorizationCode = generateAuthorizationCode();
        synchronized (this.session) {
            this.session.getUserAttributes().put(ParamNames.CODE, generateAuthorizationCode);
        }
        this.authServer.getSessionFinder().addSessionForCode(generateAuthorizationCode, this.session);
        return respondWithAuthorizationCodeAndRedirect(this.exc, generateAuthorizationCode, this.session);
    }

    protected static String generateAuthorizationCode() {
        return new BigInteger(130, new SecureRandom()).toString(32);
    }

    protected Outcome respondWithAuthorizationCodeAndRedirect(Exchange exchange, String str, SessionManager.Session session) throws Exception {
        String str2;
        String str3 = null;
        String pathQuery = URLUtil.getPathQuery(this.authServer.getRouter().getUriFactory(), exchange.getRequestURI());
        if (pathQuery.startsWith("/")) {
            pathQuery = pathQuery.substring(1);
        }
        if (pathQuery.startsWith("?")) {
            pathQuery = pathQuery.substring(1);
        }
        if (!pathQuery.isEmpty()) {
            str3 = pathQuery;
        }
        synchronized (session) {
            if (str3 == null) {
                str3 = session.getUserAttributes().get(ParamNames.STATE);
            }
            str2 = session.getUserAttributes().get(ParamNames.REDIRECT_URI);
        }
        exchange.setResponse(Response.redirect(str2 + "?code=" + str + stateQuery(str3), false).dontCache().body("").build());
        return Outcome.RETURN;
    }
}
